package com.microsoft.skype.teams.utilities;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.microsoft.teams.core.models.GlobalPreferences;
import com.microsoft.teams.core.utilities.DateUtilities;
import com.microsoft.teams.nativecore.logger.ILogger;
import com.microsoft.teams.nativecore.preferences.IPreferences;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import java.util.Random;
import java.util.TimeZone;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes9.dex */
public final class SecretBox {
    private static final String AEC_CIPHER_TYPE = "AES/CBC/PKCS5Padding";
    private static final String RSA_CIPHER_TYPE = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String SECRET_KEY_ALIAS = "SecretKeyAlias";
    private static final String TAG = "com.microsoft.skype.teams.utilities.SecretBox";

    private SecretBox() {
    }

    private static String decodeEncryptionKeyWithSecretKey(String str, ILogger iLogger) {
        byte[] bArr;
        KeyPair secretKeyFromKeyStore = getSecretKeyFromKeyStore(iLogger);
        if (secretKeyFromKeyStore == null || str == null) {
            return str;
        }
        try {
            bArr = process(2, secretKeyFromKeyStore.getPrivate(), Base64.decode(str, 0), iLogger);
        } catch (Exception e) {
            iLogger.log(7, TAG, e);
            bArr = null;
        }
        if (bArr == null) {
            return null;
        }
        return Base64.encodeToString(bArr, 0);
    }

    public static String decryptNotifications(String str, ILogger iLogger, IPreferences iPreferences) {
        byte[] decode = Base64.decode(str, 0);
        byte[] process = process(2, Base64.decode(getNotificationEncryptionAseKey(iLogger, iPreferences), 0), Arrays.copyOfRange(decode, 1, 17), Arrays.copyOfRange(decode, 17, decode.length - 32), iLogger);
        if (process == null) {
            return null;
        }
        return new String(process, StandardCharsets.UTF_8);
    }

    private static String encodeEncryptionKeyWithSecretKey(byte[] bArr, ILogger iLogger) {
        KeyPair secretKeyFromKeyStore = getSecretKeyFromKeyStore(iLogger);
        if (secretKeyFromKeyStore == null || bArr == null) {
            return Base64.encodeToString(bArr, 0);
        }
        byte[] process = process(1, secretKeyFromKeyStore.getPublic(), bArr, iLogger);
        if (process == null) {
            return null;
        }
        return Base64.encodeToString(process, 0);
    }

    private static byte[] generateSecretKey(int i, ILogger iLogger) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(i);
            return keyGenerator.generateKey().getEncoded();
        } catch (NoSuchAlgorithmException e) {
            iLogger.log(7, TAG, e);
            return null;
        }
    }

    public static synchronized String getNotificationEncryptionAseKey(ILogger iLogger, IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            String stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_ASE_KEY, null);
            if (stringGlobalPref != null && !isNotificationEncryptionAseKeyExpired(iPreferences)) {
                return decodeEncryptionKeyWithSecretKey(stringGlobalPref, iLogger);
            }
            byte[] generateSecretKey = generateSecretKey(256, iLogger);
            String encodeToString = Base64.encodeToString(generateSecretKey, 0);
            iPreferences.putStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_ASE_KEY, encodeEncryptionKeyWithSecretKey(generateSecretKey, iLogger));
            iPreferences.putStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_ASE_KEY_GENERATION_TIME, getServerTime());
            return encodeToString;
        }
    }

    public static synchronized String getNotificationEncryptionAseKeyGenerationTime(IPreferences iPreferences) {
        String stringGlobalPref;
        synchronized (SecretBox.class) {
            stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_ASE_KEY_GENERATION_TIME, null);
        }
        return stringGlobalPref;
    }

    public static synchronized String getNotificationEncryptionAuthKey(ILogger iLogger, IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            String stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_AUTH_KEY, null);
            if (stringGlobalPref != null && !isNotificationEncryptionAseKeyExpired(iPreferences)) {
                return decodeEncryptionKeyWithSecretKey(stringGlobalPref, iLogger);
            }
            byte[] generateSecretKey = generateSecretKey(256, iLogger);
            String encodeToString = Base64.encodeToString(generateSecretKey, 0);
            iPreferences.putStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_AUTH_KEY, encodeEncryptionKeyWithSecretKey(generateSecretKey, iLogger));
            return encodeToString;
        }
    }

    public static synchronized String getNotificationEncryptionCryptoMethod(IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            String stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_CRYPTO_METHOD, null);
            if (stringGlobalPref != null && !isNotificationEncryptionAseKeyExpired(iPreferences)) {
                return stringGlobalPref;
            }
            String str = "0x7" + Integer.toString(new Random().nextInt(8));
            iPreferences.putStringGlobalPref(GlobalPreferences.NOTIFICATION_ENCRYPTION_CRYPTO_METHOD, str);
            return str;
        }
    }

    private static KeyPair getSecretKeyFromKeyStore(ILogger iLogger) {
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (keyStore.containsAlias(SECRET_KEY_ALIAS)) {
                    return new KeyPair(keyStore.getCertificate(SECRET_KEY_ALIAS).getPublicKey(), (PrivateKey) keyStore.getKey(SECRET_KEY_ALIAS, null));
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(SECRET_KEY_ALIAS, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("OAEPPadding").build());
                return keyPairGenerator.generateKeyPair();
            } catch (IOException e) {
                iLogger.log(7, TAG, e);
            } catch (InvalidAlgorithmParameterException e2) {
                iLogger.log(7, TAG, e2);
            } catch (KeyStoreException e3) {
                iLogger.log(7, TAG, e3);
            } catch (NoSuchAlgorithmException e4) {
                iLogger.log(7, TAG, e4);
            } catch (NoSuchProviderException e5) {
                iLogger.log(7, TAG, e5);
            } catch (UnrecoverableEntryException e6) {
                iLogger.log(7, TAG, e6);
            } catch (CertificateException e7) {
                iLogger.log(7, TAG, e7);
            }
        }
        return null;
    }

    private static String getServerTime() {
        Calendar calendar = Calendar.getInstance();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss z", Locale.US);
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone(DateUtilities.GMT_TIME_ZONE));
        return simpleDateFormat.format(calendar.getTime());
    }

    public static synchronized byte[] getTokenCacheKey(ILogger iLogger, IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            String stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.AUTH_USER_KEY, null);
            if (stringGlobalPref != null) {
                return Base64.decode(stringGlobalPref, 0);
            }
            byte[] generateSecretKey = generateSecretKey(256, iLogger);
            iPreferences.putStringGlobalPref(GlobalPreferences.AUTH_USER_KEY, Base64.encodeToString(generateSecretKey, 0));
            return generateSecretKey;
        }
    }

    public static synchronized byte[] getTokenCacheKey(IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            String stringGlobalPref = iPreferences.getStringGlobalPref(GlobalPreferences.AUTH_USER_KEY, null);
            if (stringGlobalPref == null) {
                return null;
            }
            return Base64.decode(stringGlobalPref, 0);
        }
    }

    private static synchronized boolean isNotificationEncryptionAseKeyExpired(IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            return getNotificationEncryptionAseKeyGenerationTime(iPreferences) == null ? false : false;
        }
    }

    private static byte[] process(int i, Key key, byte[] bArr, ILogger iLogger) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_CIPHER_TYPE);
            if (i == 1) {
                cipher.init(i, KeyFactory.getInstance(key.getAlgorithm()).generatePublic(new X509EncodedKeySpec(key.getEncoded())), new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            } else {
                cipher.init(i, key);
            }
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            iLogger.log(7, TAG, e);
            return null;
        }
    }

    private static byte[] process(int i, byte[] bArr, byte[] bArr2, byte[] bArr3, ILogger iLogger) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        try {
            Cipher cipher = Cipher.getInstance(AEC_CIPHER_TYPE);
            cipher.init(i, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            iLogger.log(7, TAG, e);
            return null;
        }
    }

    public static synchronized boolean verifyNotificationKeys(String str, ILogger iLogger, IPreferences iPreferences) {
        synchronized (SecretBox.class) {
            try {
                byte[] decode = Base64.decode(str, 0);
                if (!String.format("0x%02X", Byte.valueOf(Arrays.copyOfRange(decode, 0, 1)[0])).equalsIgnoreCase(getNotificationEncryptionCryptoMethod(iPreferences))) {
                    return false;
                }
                byte[] digest = MessageDigest.getInstance("SHA-256").digest(Base64.decode(getNotificationEncryptionAuthKey(iLogger, iPreferences), 0));
                try {
                    byte[] copyOfRange = Arrays.copyOfRange(decode, 0, decode.length - 32);
                    Mac mac = Mac.getInstance("HmacSHA256");
                    mac.init(new SecretKeySpec(digest, "HmacSHA256"));
                    return Arrays.equals(Arrays.copyOfRange(decode, decode.length - 32, decode.length), mac.doFinal(copyOfRange));
                } catch (Exception e) {
                    iLogger.log(7, TAG, e);
                    return false;
                }
            } catch (Exception e2) {
                iLogger.log(7, TAG, e2);
                return false;
            }
        }
    }
}
